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apparatus claim and independent claim 9 is a method claim. Claims 5, 7 and 9 are amended to 
correct minor informalities in the claims. New dependent claims 10-16 have been added to 
correspond to pending dependent system claims 2-8. No new matter is presented by the 
amendments herein. 

No additional costs are believed to be due in connection with the filing of this disclosure. 
However, the Commissioner is hereby authorized to charge any additional fees under 37 C.F.R. 
§1.16 and §1.17 that may be required, or credit any overpayment, to our Deposit Account No. 



50-1133. 



Respectfully submitted, 




David M. Mello, Reg. No. 43,799 
McDermott, Will & Emery 
28 State Street 



Date: July 16, 2002 



Boston, MA 02109 
Tel (617) 535-4037 
Fax (617) 535-3800 



6 




1 1. A dynamic file access control and management system configured to access one or more 

2 content sources including a set of files, said system comprising: 

3 A a proxy system linked to said one or more content sources, said proxy system 

4 comprising an access control module configured to selectively obtain a file from 

5 said content sources as a function of an authorization of a user requesting said file 

6 and a set of access policies; 

7 B. a rights management module configured to generate a set of usage rights 

8 associated with said file as a function of a set of predefined usage policies 

9 associated with said file for said user; 

10 C. at least one client device having a client module configured to interface to a client 

1 1 operating system, said client module configured to selectively inhibit operating 

12 system functions with respect to said file as a function of said usage rights; and 

13 D. one or more communication means, via which said file and said usage rights are 

14 provided to said client device. 

1 2. The system according to claim 1, wherein said file and said usage rights are provided to 

2 said client device via different communication means. 

1 3. The system according to claim 1, wherein said files are static files. 

1 4. The system according to claim 1, wherein said files are dynamic files. 

1 5. (Amended) The system according to claim 1, wherein said communication means includes a 

2 secure transform configured to encrypt and encapsulate said file into a message as a function of a 

3 session ID [into a message] and said client is configured to extract said file from said message. 
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1 6. The system according to claim 1 , wherein said proxy system further includes a user 

2 interface, configured to facilitate creation and editing of said access policies and said usage 

3 policies and association of said access policies and said usage policies with said files. 

1 7. (Amended) The system as in claim 1, wherein said client device is a device from a group 

2 comprising: 

3 1) a personal computer; 

4 2) a workstation; 

5 3) a personal digital assistant; 

6 4) an e-mail device; 

7 5) a cellular telephone; 

8 6) a Web enabled appliance; and 

9 7) a server. 

1 8. The system of claim 1 , wherein said proxy system and at least one of said content sources 

2 are hosted on the same computing device. 

1 9. (Amended) A method of dynamic file access control and management comprising: 

2 A. to each of a set of files accessible from a set of content sources by a proxy system, 

3 correlating one or more user and/or client device identifications and defining a set 

4 of usage policies, wherein for a given file said usage policies relate to selectively 

5 enabling or disabling operations associated with said file ["accessing a file 

6 available from a set of content sources, as a function of an authorization of a user 

7 requesting said file and a set of access policies corresponding to said user and said 

8 file]; 



9 B. by said proxy system, generating a set of usage rights associated with [said] a 

10 target file as a function of a set of usage policies associated with said target file 

1 1 and a user or client device identification [for said user] ; 

12 C. communicating said target file and said usage rights to [said] a client device 

13 associated with said identification [of said user, said client device having a client 

14 module configured to interface to a client operating system]; and 

15 D. using [said] a client module at said client device and configured to interface to a 

16 client operating system , selectively inhibiting operating system functions with 

17 respect to said target file as a function of said usage rights. 

1 10. (New) The method of claim 9, wherein in step C, said communicating is accomplished by 

2 communicating said target file and said usage rights to said client device via different 

3 communication means. 

1 11. (New) The method of claim 9, wherein said set of files include static files. 

1 12. (New) The method of claim 9, wherein said set of files include dynamic files. 

1 13. (New) The method of claim 9, wherein said communicating is accomplished using a 

2 communication means that includes a secure transform, including encrypting and encapsulating 

3 said target file into a message as a function of a session ID and said client device is configured to 

4 extract said target file from said message. 

1 14. (New) The method of claim 9, wherein said proxy system further includes a user interface 

2 and step A include creating and/or editing said access policies and said usage policies and 

3 associating said access policies and said usage policies with said set of files using said user 

4 interface. 



1 15. (New) The method of claim 9, wherein said client device is a device from a group 

2 comprising: 

3 1) a personal computer; 

4 2) a workstation; 
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3) a personal digital assistant; 

4) an e-mail device; 

5) a cellular telephone; 

6) a Web enabled appliance; and 

7) a server. 

16. (New) The method of claim 9, further comprising hosting said proxy system and at least one 
content source on the same computing device. 
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